Closed Bug 292947 Opened 20 years ago Closed 20 years ago

Password manager needs to check isTrusted on DOMPageRestore events

Tracking

()

Status:

RESOLVED FIXED

People

(Reporter: bzbarsky, Unassigned)

References

Details

Boris Zbarsky [:bzbarsky]

Reporter

Description

•

20 years ago

This is a review comment from bug 274784: Also, what happens if content fires DOMPageRestore events? Wouldn't autofill trigger on those? Do we need some isTrusted checks here?

Boris Zbarsky [:bzbarsky]

Reporter

Updated

•

20 years ago

Blocks: blazinglyfastback

Brian Ryner (not reading)

Comment 1

•

20 years ago

This was actually addressed in the last patch I posted: NS_IMETHODIMP nsPasswordManager::PageRestore(nsIDOMEvent* aEvent) { // Only autofill for trusted events. nsCOMPtr<nsIDOMNSEvent> nsevent = do_QueryInterface(aEvent); PRBool trusted = PR_FALSE; if (nsevent) nsevent->GetIsTrusted(&trusted); if (!trusted) return NS_OK;

Status: NEW → RESOLVED

Closed: 20 years ago

Resolution: --- → FIXED

Nobody; OK to take it and work on it

Assignee

Updated

•

17 years ago

Product: Firefox → Toolkit

You need to log in before you can comment on or make changes to this bug.

Bugzilla

Password manager needs to check isTrusted on DOMPageRestore events

Categories

(Toolkit :: Password Manager, defect)

Tracking

()

People

(Reporter: bzbarsky, Unassigned)

References

Details

Crash Data

Security

(public)

User Story

Description

Updated

Comment 1

Updated